Total vulnerabilities in the database
A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot validation checks and load a compromised software image on an affected device. The vulnerability is due to improper validation of the server firmware upgrade images. An attacker could exploit this vulnerability by installing a server firmware version that would allow the attacker to disable UEFI Secure Boot. A successful exploit could allow the attacker to bypass the signature validation checks that are done by UEFI Secure Boot technology and load a compromised software image on the affected device. A compromised software image is any software image that has not been digitally signed by Cisco.
| Software | From | Fixed in |
|---|---|---|
| cisco / fmc1000-k9_bios | - | 4.0.1f.0 |
| cisco / fmc1000-k9_firmware | - | 4.0.2h |
| cisco / fmc2500-k9_bios | - | 4.0.1f.0 |
| cisco / fmc2500-k9_firmware | - | 4.0.2h |
| cisco / fmc4500-k9_bios | - | 4.0.1f.0 |
| cisco / fmc4500-k9_firmware | - | 4.0.2h |
| cisco / sns-3515-k9_bios | - | 4.0.2d |
| cisco / sns-3515-k9_firmware | - | 4.0.2h |
| cisco / sns-3595-k9_bios | - | 4.0.2d |
| cisco / sns-3595-k9_firmware | - | 4.0.2h |
| cisco / sns-3615-k9_bios | - | 4.0.1i |
| cisco / sns-3615-k9_firmware | - | 4.0.1g |
| cisco / sns-3655-k9_bios | - | 4.0.1i |
| cisco / sns-3655-k9_firmware | - | 4.0.1g |
| cisco / sns-3695-k9_bios | - | 4.0.1i |
| cisco / sns-3695-k9_firmware | - | 4.0.1g |
| cisco / tg5004-k9_bios | - | 4.0.2d |
| cisco / tg5004-k9_firmware | - | 4.0.2h |
| cisco / tg5004-k9-rf_bios | - | 4.0.2d |
| cisco / tg5004-k9-rf_firmware | - | 4.0.2h |
| cisco / identity_services_engine | 2.4(0.357) | 2.4(0.357).x |
| cisco / identity_services_engine | 2.6(0.156) | 2.6(0.156).x |
| cisco / unified_computing_system | 3.2(3h)c | 3.2(3h)c.x |